[Freeswitch-users] SRTP-Support

Brian West brian.west at mac.com
Wed Jan 16 05:21:04 PST 2008 

BTW srtp via SDES was added lastnight.  interop with SNOM ..  
Grandstream didn't work with SDES.. but the SNOM did flawlessly.  And  
examples were added to the default config for usage.

/b

On Jan 16, 2008, at 6:50 AM, Brian West wrote:

> Just generate your certs.. and set the tls to true in the config....
> thats all you ahve to do.
>
> /b
>
> On Jan 16, 2008, at 3:47 AM, Alois Komenda wrote:
>
>>
>> Hello,
>>
>> I get this error when starting FS with TLS enabled:
>>
>> 2008-01-16 10:32:41 [DEBUG] sofia.c:464 sofia_profile_thread_run()
>> Set params for default
>> 2008-01-16 10:32:41 [DEBUG] sofia.c:486 sofia_profile_thread_run()
>> activated db for default
>> 2008-01-16 10:32:41 [DEBUG] sofia.c:516 sofia_profile_thread_run()
>> Starting thread for default
>> nta: bind(192.168.0.21:5061;transport=tls): Protocol not supported
>> nua: initializing SIP stack failed
>> 2008-01-16 10:32:41 [ERR] sofia.c:434 sofia_profile_thread_run()
>> Error Creating SIP UA for profile: 192.168.0.21
>>
>> I tried with transport=tcp and without any transport setting. The
>> result is always this error message (with the respective protocol).
>>
>> What's wrong here?
>>
>> --
>> Alois Komenda
>> Fraunhofer-Einrichtung für Systeme der Kommunikationstechnik ESK
>>
>>
>>
>>
>>
>> -----Ursprüngliche Nachricht-----
>> Von: freeswitch-users-bounces at lists.freeswitch.org [mailto:freeswitch-users-bounces at lists.freeswitch.org
>> ] Im Auftrag von Brian West
>> Gesendet: Dienstag, 15. Januar 2008 15:59
>> An: freeswitch-users at lists.freeswitch.org
>> Betreff: Re: [Freeswitch-users] SRTP-Support
>>
>> Their has been a script added to SVN for this purpose its
>> gentls_cert in scripts.  And should allow you to create your CA and
>> various files required for sofia's TLS ... BTW TCP is required on
>> all SIP ua's no matter if its TLS or not.  Anything that doesn't do
>> TCP is violating the spec because it says TCP and UDP are a MUST.  ;)
>>
>> /b
>>
>> On Jan 15, 2008, at 1:36 AM, Alois Komenda wrote:
>>
>>> How do I set up TLS?
>>> Do I have to enable TCP to get it working?
>>> Can I use it without certificates? Are the names agent.pem and
>>> cafile.pem (as mentioned in the comments in sofia config files)
>>> mandatory?
>>> What is the assumed content of this files? (agent.pem = private key;
>>> cafile.pem = certificate?)
>>>
>>> Is there any documentation that could answer this questions?
>>> Searching for "tls" or "ssl" or "sips" in the wiki did not bring any
>>> results.
>>>
>>> Thanks a lot in advance!
>>>
>>> --
>>> Alois Komenda
>>> Fraunhofer-Einrichtung für Systeme der Kommunikationstechnik ESK
>>>
>>>
>>>
>>> Von: freeswitch-users-bounces at lists.freeswitch.org
>>> [mailto:freeswitch-users-bounces at lists.freeswitch.org
>>> ] Im Auftrag von Michael Jerris
>>> Gesendet: Freitag, 11. Januar 2008 15:39
>>> An: freeswitch-users at lists.freeswitch.org
>>> Betreff: Re: [Freeswitch-users] SRTP-Support
>>>
>>> We don't currently have the support integrated into mod_sofia.  That
>>> being said, we just got TLS support running, and I believe that
>>> someone was working on integrating the SRTP key negotiation.
>>>
>>> Mike
>>>
>>> On Jan 11, 2008, at 7:24 AM, Alois Komenda wrote:
>>>
>>>> Hello,
>>>>
>>>> my question is: does FreeSWITCH support SRTP? I guess yes, because
>>>> libsrtp is in the dependency list.
>>>> But how do I configure FS to use SRTP? I did not find any hints in
>>>> the documentation.
>>>>
>>>> Best Regards
>>>> --
>>>> Alois Komenda
>>>> Fraunhofer-Einrichtung für Systeme der Kommunikationstechnik ESK
>>>>
>>>>
>>>> _______________________________________________
>>>> Freeswitch-users mailing list
>>>> Freeswitch-users at lists.freeswitch.org
>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-
>>>> us
>>>> ers
>>>> http://www.freeswitch.org
>>>
>>> _______________________________________________
>>> Freeswitch-users mailing list
>>> Freeswitch-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-
>>> use
>>> rs
>>> http://www.freeswitch.org
>>
>>
>> _______________________________________________
>> Freeswitch-users mailing list
>> Freeswitch-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>> _______________________________________________
>> Freeswitch-users mailing list
>> Freeswitch-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>
>
> _______________________________________________
> Freeswitch-users mailing list
> Freeswitch-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org

More information about the FreeSWITCH-users mailing list